Academic institutions are becoming a large target for cyber-attacks. Due to the sheer size of universities, the damage done by cyber criminals can be vast. Not only can it damage reputation, it can have major financial repercussions both instant (breach of regula tion fines) and long term (difficulty securing future funding).
You may think that universities aren’t worth targeting as there are much larger companies who are more appealing at first glance. This isn’t the case. Cyber criminals are starting to focus more on the retrieval of personal data, something which universities are brimming with. Any details that are provided on application forms by students when they enrol can all be intercepted. This can leave data like your name, address, DOB, phone number & bank account information open for the taking.
But why would they want your personal information? Hackers can use this information to sell on to third party criminals, or even commit identity fraud.
Not only is there the appeal of personal information at their fingertips, universities also make many large transactions for things such as payroll & department budgets. To target this area, they’ll usually use an email address from a senior member of staff who will then send a carefully written email and ask the victim to transfer funds over to X bank account as a matter of urgency. Due to the nature of the person asking for the request, most individuals would oblige and send funds where asked.
Universities can have gaps & weak points in their infrastructures because they aren’t regulated as heavily as financial institutions for example & this is very appealing to a cyber-criminal looking for their next target. Not only can the university staff get targeted, students usually do too. As vulnerable young adults, students can be the ideal target for hackers. The usual technique they use is called phishing, the action of pretending to be someone else over an email. Hackers may send emails in the shape of grant applications or bank account suspensions which, when clicked, go to a landing page to prompt the victim to type in bank details.
How can universities protect themselves?
Universities should consider giving ample & regular cyber awareness training to staff & students. Here they can get everyone to understand the importance of being diligent with the online world. As well as that, they should be conscious of any trending threats that may be circulating and ensure that all relevant bodies know the danger.
We have created posters to help keep your workforce educated. If you would like a complete set of the posters delivered by Royal mail please fill out the contact form here and use the subject POSTERS.